| #!/bin/bash |
| # Copyright 2025 The Chromium Authors |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| set -e |
| set -x |
| set -o pipefail |
| |
| PREFIX="$1" |
| DEPS_PREFIX="$2" |
| |
| echo FIND_DEPS |
| find "$DEPS_PREFIX" |
| |
| export PKG_CONFIG_PATH="${PKG_CONFIG_PATH}:${DEPS_PREFIX}/lib/pkgconfig" |
| # look for libseccomp. |
| test -f "${DEPS_PREFIX}/lib/pkgconfig/libseccomp.pc" |
| |
| # Interesting flag choices. |
| # |
| # -a -- always rebuild everything, ignore the cache. (This is fine, the build |
| # is fast anyway) |
| # -x -- extremely verbose output. It's possible that our |
| # version of runc isn't self-contained enough and we need to modify the build |
| # in some way to make it actually do what we want. `-x` lets us see what |
| # commands are actually run, which gives us a chance to modify the build. |
| # |
| # Never mind. -a -x is unreadably verbose. Don't do it. |
| # |
| # -ldflags '-linkmode external -extldflags -static' comes from |
| # https://stackoverflow.com/a/38900253 |
| # |
| # I'm not using it anymore, but that's where it comes from. |
| |
| export CGO_CFLAGS="-I${DEPS_PREFIX}/include" |
| export CGO_LDFLAGS="-L${DEPS_PREFIX}/lib -Wl,-Bstatic,-lseccomp,-Bdynamic -pthread -lc -lresolv" |
| |
| export CGO_ENABLED=1 |
| go build -trimpath "-buildmode=pie" -tags "seccomp urfave_cli_no_docs" -o runc . |
| |
| # Test the binary. |
| ./runc --version |
| |
| # install the binary |
| install -v -m 0755 -D ./runc "$PREFIX"/bin/runc |
